access

, faccessat

Synopsis

Description

The access() function checks the file named by the pathname pointed to
by the path argument for accessibility according to the bit pattern contained
in amode, using the real user ID in place of the effective user
ID and the real group ID in place of the effective group
ID. This allows a setuid process to verify that the user running
it would have had permission to access this file.

The value of amode is either the bitwise inclusive OR of the
access permissions to be checked (R_OK, W_OK, X_OK) or the existence test,
F_OK.

These constants are defined in <unistd.h> as follows:

R_OK

Test for read permission.

W_OK

Test for write permission.

X_OK

Test for execute or search permission.

F_OK

Check existence of file

See Intro(2) for additional information about “File Access Permission”.

If any access permissions are to be checked, each will be checked
individually, as described in Intro(2). If the process has appropriate privileges, an
implementation may indicate success for X_OK even if none of the execute file
permission bits are set.

The faccessat() function is equivalent to the access() function, except in the
case where path specifies a relative path. In this case the file
whose accessibility is to be determined is located relative to the directory
associated with the file descriptor fd instead of the current working directory.

If faccessat() is passed in the fd parameter the special value AT_FDCWD,
defined in <fcntl.h>, the current working directory is used and the behavior
is identical to a call to access().

Values for flag are constructed by a bitwise-inclusive OR of flags from
the following list, defined in <fcntl.h>:

AT_EACCESS

The checks for accessibility are performed using the effective user and group IDs instead of the real user and group ID as required in a call to access().

Return Values

If the requested access is permitted, access() and faccessat()succeed and return 0.
Otherwise, -1 is returned and errno is set to indicate the error.

Errors

The access() and faccessat() functions will fail if:

EACCES

Permission bits of the file mode do not permit the requested access, or search permission is denied on a component of the path prefix.

EFAULT

The path argument points to an illegal address.

EINTR

A signal was caught during the access() function.

ELOOP

Too many symbolic links were encountered in resolving path, or loop exists in symbolic links encountered during resolution of the path argument.

ENAMETOOLONG

The length of the path argument exceeds {PATH_MAX}, or a pathname component is longer than {NAME_MAX} while _POSIX_NO_TRUNC is in effect.

ENOENT

A component of path does not name an existing file or path is an empty string.

ENOLINK

The path argument points to a remote machine and the link to that machine is no longer active.

ENOTDIR

A component of the path prefix is not a directory.

ENXIO

The path argument points to a character or block device special file and the corresponding device has been retired by the fault management framework.

EROFS

Write access is requested for a file on a read-only file system.

The faccessat() function will fail if:

EBADF

The path argument does not specify an absolute path and the fd argument is neither AT_FDCWD nor a valid file descriptor open for reading or searching.

The access() and faccessat() functions may fail if:

EINVAL

The value of the amode argument is invalid.

ENAMETOOLONG

Pathname resolution of a symbolic link produced an intermediate result whose length exceeds {PATH_MAX}.

ETXTBSY

Write access is requested for a pure procedure (shared text) file that is being executed.

The faccessat() function may fail if:

EINVAL

The value of the flag argument is not valid.

ENOTDIR

The path argument is not an absolute path and fd is neither AT_FDCWD nor a file descriptor associated with a directory.

Usage

Additional values of amode other than the set defined in the description
might be valid, for example, if a system has extended access controls.

The purpose of the faccessat() function is to enable the checking of
the accessibility of files in directories other than the current working directory
without exposure to race conditions. Any part of the path of a
file could be changed in parallel to a call to access(), resulting
in unspecified behavior. By opening a file descriptor for the target directory
and using the faccessat() function, it can be guaranteed that the file
tested for accessibility is located relative to the desired directory.